Upload
vincent-composieux
View
399
Download
1
Embed Size (px)
Citation preview
www.eleven-labs.com
WORKSHOP
Factory Vincent Composieux@vcomposieux
… to beyond and
CONSULSERVICE DISCOVERY&
FAILURE DETECTION
2013FIRST COMMIT
WHAT ABOUT CONSUL?
Open-source & built by HashiCorp.
“Consul has multiple components, but as a whole, it is a tool for discovering and configuring services in your infrastructure.”
GOWRITTEN
WHAT ABOUT CONSUL?
FRONT 01 FRONT 02 FRONT 03
Terminal
$ curl http://frontend.eleven-labs.com ..
DNS API
UP UPDOWN
WHAT ABOUT CONSUL?
SERVICE DISCOVERY
➔ Register new services via configuration or API➔ Access all available services or a specific one➔ Updates automatically when new services are
available or not
FAILURE DETECTION
➔ Updates automatically Consul services when a service is down
➔ Manages services states (we can put a service in maintenance for instance)
CONSENSUSPROTOCOL
http://thesecretlivesofdata.com/raft/
WHAT ABOUT CONSUL?
GOSSIPPROTOCOL
This is for consistency: nodes inherit from a state: follower, candidate or leader.
Propagation of information (epidemy)
WHAT ABOUT CONSUL?
8600DNS
8500HTTP
83008400
RPC
Use port 8300 (TCP only) but also:
➔ 8301 (TCP/UDP, Gossip over LAN)➔ 8302 (TCP/UDP, Gossip over WAN)
This port exposes:
➔ A web UI➔ A HTTP API
This port is used for DNS server.
Possible to override with --dns-port
WHAT ABOUT CONSUL?
https://demo.consul.io
WEB UI LOOKS LIKE THIS
SERVICE DISCOVERYHANDS ON
swarm→ registrator→ ekofr/http-ip
swarm→ registrator→ ekofr/http-ip
ARCHITECTURE
CONSUL(Machine / Swarm Discovery)
NODE #01(Machine / Master)
NODE #02(Machine)
HTTP DNS
1
2 33DOCKER
MACHINES
1SWARM
CLUSTER
7DOCKER
CONTAINERS
CONSUL > Machine
Terminal
$ docker-machine create -d virtualbox consul ..
Create the “consul-master” machine under Docker,using the Virtualbox driver.
CONSUL(Machine)
CONSUL > Container
Terminal
$ eval $(docker-machine env consul)$ docker run -d \ -p 8301:8301 \ -p 8302:8302 \ -p 8400:8400 \ -p 8500:8500 \ -p 53:8600/udp consul ..
Enter your consul-master environment and run the “consul” Docker image (as server).
CONSUL(Machine)
NODE #01 > Machine (New tab)
Terminal
$ docker-machine create -d virtualbox \ --swarm \ --swarm-master \ --swarm-discovery="consul://$(docker-machine ip consul):8500" \ --engine-opt="cluster-store=consul://$(docker-machine ip consul):8500" \ --engine-opt="cluster-advertise=eth1:2376" swarm-node-01 ..
Create the “swarm-node-01” machine under Dockerand map Swarm discovery with Consul.
CONSUL(Machine)
NODE #01
NODE #01 > Registrator
Terminal
$ eval $(docker-machine env swarm-node-01)
$ docker run -d \ --volume=/var/run/docker.sock:/tmp/docker.sock \ gliderlabs/registrator \ -ip $(docker-machine ip swarm-node-01) \ consul://$(docker-machine ip consul):8500 ..
Enter “swarm-node-01” machine and run a Registrator Docker image as a daemon.
CONSUL(Machine)
NODE #01
NODE #01 > HTTP Container
Terminal
$ docker network create \ --subnet=172.18.0.0/16 network-node-01
$ docker run -d \ --net network-node-01 \ -p 80:8080 \ ekofr/http-ip ..
Create a “network-node-01” Docker network and run “ekofr/http-ip” using this network.
CONSUL(Machine)
NODE #01
NODE #02 > Machine (New tab)
Terminal
$ docker-machine create -d virtualbox \ --swarm \ --swarm-discovery="consul://$(docker-machine ip consul):8500" \ --engine-opt="cluster-store=consul://$(docker-machine ip consul):8500" \ --engine-opt="cluster-advertise=eth1:2376" swarm-node-02 ..
Create the “swarm-node-02” machine under Dockerand map Swarm discovery with Consul.
CONSUL(Machine)
NODE #01 NODE #02
NODE #02 > Registrator
Terminal
$ eval $(docker-machine env swarm-node-02)
$ docker run -d \ --volume=/var/run/docker.sock:/tmp/docker.sock \ gliderlabs/registrator \ -ip $(docker-machine ip swarm-node-02) \ consul://$(docker-machine ip consul):8500 ..
Enter “swarm-node-02” machine and run a Registrator Docker image as a daemon.
CONSUL(Machine)
NODE #01 NODE #02
NODE #02 > HTTP Container
Terminal
$ docker network create \ --subnet=172.19.0.0/16 network-node-02
$ docker run -d \ --net network-node-02 \ -p 80:8080 \ ekofr/http-ip ..
Create a “network-node-02” Docker network and run “ekofr/http-ip” using this network.
CONSUL(Machine)
NODE #01 NODE #02
What’s happening on DNS?
Terminal
$ dig @$(docker-machine ip consul) http-ip.service.consul ..
;; QUESTION SECTION:;http-ip.service.consul. IN A
;; ANSWER SECTION:http-ip.service.consul. 0 IN A 192.168.99.100http-ip.service.consul. 0 IN A 192.168.99.102
Let’s make a DNS call to ensure that our “http-ip” service is available under 2 machines! Shutdown them!
DNS
What’s happening on DNS?
Terminal
$ dig @$(docker-machine ip consul) http-ip.service.consul SRV ..
;; ANSWER SECTION:http-ip.service.consul. 0 IN SRV 1 1 80 c0a86366.addr.dc1.consul.http-ip.service.consul. 0 IN SRV 1 1 80 c0a86364.addr.dc1.consul.
SRV records allows to define a priority and a weight for DNS entries but it is not supported by Consul at this time.
You can find more information on SRV records on Wikipedia.
Add DNS to your system
Let’s make an HTTP call to ensure that both nodes answers. Add Consul DNS server as a resolver.
CONSUL(Machine)
Call HTTP service
Terminal
$ curl http://http-ip.service.consulhello from 172.18.0.2
$ curl http://http-ip.service.consul .. hello from 172.19.0.2
Now, perform your HTTP request and confirm that you are balanced between your two machines.
HTTP DNS
FAILURE DETECTIONHANDS ON
NODE #01 > Add a HTTP check
Terminal
$ eval $(docker-machine env swarm-node-01)
$ docker kill \ $(docker ps -q --filter='ancestor=ekofr/http-ip') ..
First, kill the docker container that runs ekofr/http-ip.We will launch it just after with a health check.
NODE #01 > Add a HTTP check
Terminal
$ docker run -d \ --net network-node-01 -p 80:8080 \ -e SERVICE_CHECK_SCRIPT="curl -s -f http://$(docker-machine ip swarm-node-01)" \ -e SERVICE_CHECK_INTERVAL=5s \ -e SERVICE_CHECK_TIMEOUT=1s \ ekofr/http-ip ..
Add a check to the ekofr/http-ip container.We add a HTTP check here but it could be what you want.
More information about Registrator available environment variables here.More information on Consul check definition here.
NODE #02 > Add a HTTP check
Terminal
$ eval $(docker-machine env swarm-node-02)
$ docker kill \ $(docker ps -q --filter='ancestor=ekofr/http-ip') ..
First, kill the docker container that runs ekofr/http-ip.We will launch it just after with a health check.
NODE #02 > Add a HTTP check
Terminal
$ docker run -d \ --net network-node-02 -p 80:8080 \ -e SERVICE_CHECK_SCRIPT="curl -s -f http://$(docker-machine ip swarm-node-02)" \ -e SERVICE_CHECK_INTERVAL=5s \ -e SERVICE_CHECK_TIMEOUT=1s \ ekofr/http-ip ..
Add a check to the ekofr/http-ip container.We add a HTTP check here but it could be what you want.
More information about Registrator available environment variables here.More information on Consul check definition here.
Check services health via web UI
If you launch the UI, you should see your health checks:
Check services health via API
Terminal
$ curl http://$(docker-machine ip consul):8500/v1/health/checks/http-ip ..[ { "Status": "passing", "Output": "hello from 172.18.0.2", "ServiceName": "http-ip", }, …]
Note that you can also check your services’s health via the Consul API “/health” endpoint:
THANK YOU